Navigation

Books

Spam: The Next Generation

Submitted by Jesse on Tue, 08/05/2008 - 16:14

We know that the amount of spam sloshing around the Internet is enormous, but anyone who has a good spam filter can examine what is caught and see how much doesn't get through (but uses up bandwidth). Many of us have multiple layers of filtering: the basic level is done at the ISP, often behind the scenes. In my case, for my main account, the company hosting the mail account uses Postini and I can see what is trapped there. I rarely bother to check it--the settings are good and what it catches--spam and viruses--is clearly bad stuff.What gets through is then screened again by my spam rules in my email program--which is what most people do. At that level, I sort it automatically into two categories--the first is automatically deleted, and the second I look at manually. About half of it is not spam.It's in that last category that I find examples of the new breed of spam about once a month. This is semi-bulk email sent not in the millions but in the scores or hundreds. It flies below the filtering radar in many cases, but it's still spam and it's still insidious.I'm sure Plattsburgh is far from being the only place where the local Chamber of Commerce email list is circulated--legally or not. This week, I got an email message from a local hotel banquet manager invited me (and 904 other people on the list) to a tasting of their new hors d'oeuvres menu. The Chamber mailing list would be a likely set of prospects, but this was not marked as spam, and although there was information about RSVPs, there was no opt-out button--the usual violations of the CANSPAM Act.But the icing on the hors d'oeuvres cake as the fact that the email was sent TO all 905 people. Yes, no BCC addressing, just TO 905 people. That's obviously how this list circulates. I've seen these before, and I don't know how to stop it. The problem is that in a small community, these are not evil spammers, they're people you know (or who know people you know), and they're not so much evil and inexperienced. If you're sending millions of spam messages a day, you know how to do it. If you send one bulk email message a year--or ever--you are likely to do it wrong (such as by distributing the email addresses).The FTC has enough to do going after the big guns, so this type of spam just falls through the cracks. How do we raise awareness of how to comply with the CANSPAM Act and of how wrong it is to distribute email addresses in this way?Comments and suggestions needed.